tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader WebappClassLoader.java
Date Sat, 03 Nov 2001 02:27:32 GMT
remm        01/11/02 18:27:32

  Modified:    catalina/src/share/org/apache/catalina/loader Tag:
                        tomcat_40_branch WebappClassLoader.java
  Log:
  - Port from HEAD:
    - Most of the classloader setters now will do an explicit check for AllPermission.
  - Note: I'm not porting the "canonicalize everything" patch at the moment. I'm not
    sure it is really needed.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.15.2.7  +36 -7     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
  
  Index: WebappClassLoader.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
  retrieving revision 1.15.2.6
  retrieving revision 1.15.2.7
  diff -u -r1.15.2.6 -r1.15.2.7
  --- WebappClassLoader.java	2001/10/20 18:23:35	1.15.2.6
  +++ WebappClassLoader.java	2001/11/03 02:27:32	1.15.2.7
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.15.2.6 2001/10/20 18:23:35 remm Exp $
  - * $Revision: 1.15.2.6 $
  - * $Date: 2001/10/20 18:23:35 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.15.2.7 2001/11/03 02:27:32 remm Exp $
  + * $Revision: 1.15.2.7 $
  + * $Date: 2001/11/03 02:27:32 $
    *
    * ====================================================================
    *
  @@ -119,12 +119,10 @@
    * <p>
    * <strong>IMPLEMENTATION NOTE</strong> - No check for sealing violations or
    * security is made unless a security manager is present.
  - * <p>
  - * <strong>FIXME</strong> - Implement findResources.
    *
    * @author Remy Maucherat
    * @author Craig R. McClanahan
  - * @version $Revision: 1.15.2.6 $ $Date: 2001/10/20 18:23:35 $
  + * @version $Revision: 1.15.2.7 $ $Date: 2001/11/03 02:27:32 $
    */
   public class WebappClassLoader
       extends URLClassLoader
  @@ -341,6 +339,12 @@
       protected boolean started = false;
   
   
  +    /**
  +     * All permission.
  +     */
  +    private Permission allPermission = new java.security.AllPermission();
  +
  +
       // ------------------------------------------------------------- Properties
   
   
  @@ -361,6 +365,9 @@
        */
       public void setDebug(int debug) {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           this.debug = debug;
   
       }
  @@ -383,6 +390,9 @@
        */
       public void setDelegate(boolean delegate) {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           this.delegate = delegate;
   
       }
  @@ -395,7 +405,8 @@
        * @param path file directory path
        */
       public void setPermissions(String path) {
  -        if( securityManager != null ) {
  +        if (securityManager != null) {
  +            securityManager.checkPermission(allPermission);
               if( path.startsWith("jndi:") || path.startsWith("jar:jndi:") ) {
                   permissionList.add(new JndiPermission(path + "*"));
               } else {
  @@ -431,6 +442,9 @@
        */
       public void setJarPath(String jarPath) {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           this.jarPath = jarPath;
   
       }
  @@ -451,6 +465,9 @@
        */
       public void addRepository(String repository) {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           // Ignore any of the standard repositories, as they are set up using
           // either addJar or addRepository
           if (repository.startsWith("/WEB-INF/lib")
  @@ -480,6 +497,9 @@
        */
       synchronized void addRepository(String repository, File file) {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           // Note : There should be only one (of course), but I think we should
           // keep this a bit generic
   
  @@ -513,6 +533,9 @@
       synchronized void addJar(String jar, JarFile jarFile, File file)
           throws IOException {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           if (jar == null)
               return;
           if (jarFile == null)
  @@ -1413,6 +1436,9 @@
        */
       public void start() throws LifecycleException {
   
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
  +
           started = true;
   
       }
  @@ -1424,6 +1450,9 @@
        * @exception LifecycleException if a lifecycle error occurs
        */
       public void stop() throws LifecycleException {
  +
  +        if (securityManager != null)
  +            securityManager.checkPermission(allPermission);
   
           started = false;
   
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message